Changeset 6828
- Timestamp:
- 12/02/07 09:03:36 (9 months ago)
- Files:
-
- django/trunk/docs/templates.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
django/trunk/docs/templates.txt
r6798 r6828 341 341 into your Web pages, because a malicious user could use this kind of hole to 342 342 do potentially bad things. This type of security exploit is called a 343 Cross Site Scripting`_ (XSS) attack.343 `Cross Site Scripting`_ (XSS) attack. 344 344 345 345 To avoid this problem, you have two options: … … 367 367 Again, we stress that this behavior is on by default. If you're using Django's 368 368 template system, you're protected. 369 370 .. _Cross Site Scripting: http://en.wikipedia.org/wiki/Cross-site_scripting 369 371 370 372 How to turn it off
